BrainDamage Python Backdoor

BrainDamage is a python based backdoor which uses Telegram as C&C server.

Features

--> Persistance
--> USB spreading
--> Port Scanner
--> Router Finder
--> Run shell commands
--> Keylogger
--> Insert keystrokes
--> Record audio
--> Webserver
--> Screenshot logging
--> Download files in the host
--> Execute shutdown, restart, logoff, lock
--> Send drive tree structure
--> Set email template
--> Rename Files
--> Change wallpaper
--> Open website
--> Send Password for
 • Chrome
 • Mozilla
 • Filezilla
 • Core FTP
 • CyberDuck
 • FTPNavigator
 • WinSCP
 • Outlook
 • Putty
 • Skype
 • Generic Network
--> Cookie stealer
--> Send active windows
--> Gather system information
 • Drives list
 • Internal and External IP
 • Ipconfig /all output
 • Platform

Abilities

whoisonline- list active slaves
This command will list all the active slaves.

destroy- delete&clean up
This command will remove the stub from host and will remove registry entries.

cmd- execute command on CMD
Run shell commands on host

download- url (startup, desktop, default)
This will download files in the host computer.

execute- shutdown, restart, logoff, lock
Execute the following commands

screenshot- take screenshot
Take screenshot of the host of computer.

send- passwords, drivetree, driveslist, keystrokes, openwindows
This command will sends passwords (saved browser passwords, FTP, Putty..), directory tree of host (upto level 2), logged keystrokes and windows which are currently open

set- email (0:Default,1:URL,2:Update), filename (0: Itself, 1: Others), keystrokes (text)
This command can set email template (default, download from url, update current template with text you’ll send), rename filenames or insert keystrokes in host.

start- website (URL), keylogger, recaudio (time), webserver (Port), spread
This command can open website, start keylogger, record audio, start webserver, USB Spreading